What is BlackShades?

BlackShades is malicious software that acts as a Remote Access Tool (RAT), which allows an attacker to gain full control of a user’s computer when installed. It affected Microsoft Windows-based computers.

BlackShades can also allow an attacker to carry out large-scale distributed denial-of-service (DDoS) cyber attacks.

Versions of the software – which can be found online for as little as $40 – are often advertised to average users as a way to catch cheating lovers, according to Kellman Meghu, head of security engineering at Check Point Software Technologies.

“It could even take over someone’s Facebook account once it was on their system – it has a lot of nefarious uses that people may want to use against spouses, employers, etc.,” said Meghu.

“It can be used for criminal enterprise, but it’s a publically supported tool which makes it a little bit dangerous in the sense that you don’t have to be a very technical person to learn how to use it.”

According to the FBI, the BlackShades RAT has been sold to several thousand users online since 2010.

What would an attacker do with this software?

Once installed, the software would allow an attacker to view and access files on the computer, take control of the mouse and the screen, and even record a user’s keystrokes to record passwords or sensitive information.

RATs can also allow someone to turn on a device’s webcam and record video or take photos without the user knowing.

“As today’s case makes clear, we now live in a world where, for just $40, a cybercriminal halfway across the globe can—with just a click of a mouse—unleash a RAT that can spread a computer plague not only on someone’s property but also on their privacy and most personal spaces,” said U.S. Attorney Preet Bharara in a statement.